SmbFTPD SMBDirList Format String Vulnerability

SmbFTPD is prone to a format-string vulnerability.

This issue presents itself because the application fails to properly sanitize filenames.

A successful attack may allow attackers to crash the application or possibly to execute arbitrary code in the context of the user running the application.

Versions prior to SmbFTPD 0.97 are vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus